WhiteHat Experts Share Tips for National Cybersecurity Awareness Month

A collaborative effort between government and industry, National Cybersecurity Awareness Month (NCSAM) is observed every October in an effort to raise awareness about the importance of cybersecurity and to ensure that all Americans have the resources they need to stay safer and more secure online.

NCSAM focuses on a different theme each year. This year, it will emphasize personal accountability and stress the importance of taking proactive steps to enhance cybersecurity at home and in the workplace.

Below, five WhiteHat Security experts share their tips and best practices to ensure you and your kids stay safe when online.

Stay Safe Online: Best Practices and Tips

Strengthen Your Passwords

• Use a password manager! (I like Bitwarden) – Bryan Becker, product manager
• Never use common or repetitive passwords for your online accounts. Use complex phrases at least 12-characters long and include special characters and numbers in it. – Sandeep Potdar, principal product manager
• Use a passphrase that is not easily guessable. – Lauren McCaslin, vulnerability verification team lead

• Use multi-factor authentication when possible. If a website or app allows for multi-factor authentication, the hassle is worth the extra level of security. This is usually in the form of a code that comes to your registered phone or email address. – Harold Sasaki, director, IT and and TechOps

Think Before You Click

• Don’t click suspicious links in emails, ever. Nothing good has ever come of that. – Bryan Becker
• Look out for invasive advertising and don’t click, however enticing the offer seems to be. If a website contains a large number of ads that pop up automatically, the site is most likely not legit. Being proactive is the best approach: placing an ad blocker within the web browser can help prevent any unsavory adverts. – Rachael Andrews, vulnerability verification specialist

Be Browser Safety Aware

As a first step, Rachael Andrews suggests that we should always ensure all devices are up to date; do not ignore software updates. Bryan Becker has the following advice: “Pay attention to browser security warnings. If your browser says the page appears unsafe, BELIEVE IT and turn back. Please be careful about browser extensions. Many ‘helpful’ extensions with positive reviews are actually very harmful and designed to track your data (or worse!). If you don’t need it, don’t install it.”

Caution When Shopping Online

Harold Sasaki advises on being cautious while making online purchases. It’s best to stay with secure sites. “Stores like Amazon, eBay, Walmart and Nordstrom spend a lot of money and resources to make sure your data is safe. Just because a store uses encryption does not mean that once they have your data that it is kept secure. Avoid smaller unknown sites that may or may not have the proper level of security for your data. Larger established companies also usually have a well-defined process for disputing purchases that may be fraud. Keep an eye on your credit card statements for unauthorized charges, even at stores you normally shop at.”

Check Twice Before You Post

Another piece of good advice from Harold Sasaki: “Keep social media content private. Unless you are a movie star, or these days a YouTube star, you should be careful about what personal data you post on social media. This is a common way that celebrities get hacked as passwords are often derived from pets’ names, favorite foods, or other personal information. Public personal data also increases your risk for identity theft.”

Insecure Public WiFi

“When connected to the internet using public WiFi at restaurants, airports, etc., always use a VPN to avoid any snooping or man-in-the-middle attacks. And even before you travel or are in a different country, assume that anything you post online is not private. So try not to post any personal details such as addresses, phone numbers, travel plans, etc. online unless really necessary,” says Sandeep Potdar.

Tips for Parents: Ensuring your Kids are Safe Online

Having a Conversation is the First Step

Bryan Becker recommends all parents to “Talk to your kids about cyber exploitation, talk with them about privacy and curating their online presence.  Teach your kids never to share personal details with strangers, and why it’s not safe to share the name of your first pet or the street you grew up on. Let them know they can come to you for help without being punished!”

Lauren McCaslin advises parents to “be involved and present, if possible, in order to teach your child safe internet practices. Set rules for internet usage and ensure your child knows the dangers of the internet and what to do if they encounter something suspicious.”

Social Media Access and Restrictions

Harold Sasaki suggests, “Restrict kids from setting up social media accounts. Social media apps should be restricting kids from setting up accounts. 13 is the age to be compliant with the Children’s Online Privacy Protection Act (COPPA). Some apps have a kids’ version that helps protect a child from some features and content. A good percentage of kids put in a false birthdate to get around these restrictions. You will need to monitor your kids’ usage and apps. Kids will usually try to get as many friends, followers, and subscribers. Many of these will be friends of friends or even strangers.”

Online Time Limits with Parental Controls

Hours and hours of staying online is definitely not proving to be beneficial to kids, and above all, it increases the surface area for exposure to more cyberthreats.  Harold Sasaki suggests parents work with their kids to implement online time limits. “Put a time limit on devices and turn them off at night. Related to social media, kids get a rush from seeing who liked their picture or post. These distractions take away from homework time, family time, and even sleep time. Just like gambling, alcohol, and some more healthy activities, kids get a rush of dopamine for responses to their social media. Beyond restrictions on devices, some WiFi routers allow for time restrictions on internet access.” Harold also advises on looking up content control in addition to time limits. “Most phones allow for parental restrictions to content including movies, music and online purchases. There are usually multiple levels of ratings that can correspond to the age of your child. Implement those and let your kids know as well.”

Stranger Aware

Sandeep Potdar has the following advice: “Never respond to strangers. Never meet someone in-person that you have met online, without taking a parent or another adult along. And above all, don’t post any personal details such as address, phone number, passwords, etc. online.”

Rachael Andrews points out that awareness is the key. “Parents must spend time to educate kids in school about the dangers online, such as phishing emails and why it’s important to not share your personal information with strangers.”